GeekMasher's Blog

Konarr v0.5.0 - Major UI Overhaul and API Improvements

Konarr v0.5.0 - Major UI Overhaul and API Improvements

Konarr v0.5.0 brings significant improvements to the user interface, new API endpoints, enhanced user management, and better dependency tracking capabilities

Objective by the Sea v8

Objective by the Sea v8

MacOS and iOS security conference Objective by the Sea v8 in Ibiza, Spain.

Building a CodeQL Extractor from Scratch

Building a CodeQL Extractor from Scratch

This is a deep-dive into building a CodeQL Extractor from scratch using Tree-Sitter and Rust.

Series - Building a CodeQL Language from Scratch

Series - Building a CodeQL Language from Scratch

A series of posts that will guide you through the process of building a CodeQL language support from scratch

Talk - 'Deep-dive into Containers and How to Secure Them'

Talk - 'Deep-dive into Containers and How to Secure Them'

Containers are a fundamental building block for modern applications, but they bundle a large amount of third-party code. Identifying what’s inside an image (and which versions) is critical for security. This post summarises a January 2025 presentation at Defcon 44131 covering how containers work, why SCA (Software Composition Analysis) matters, common open-source tooling (Syft/Grype, Trivy, Docker Scout, Clair) and an introduction to Konarr — an SCA platform focused on containers. It closes with pragmatic steps to reduce risk: scan early, monitor continuously, patch often, and shrink the attack surface.